Data Transfer from the European Economic Area to the Association of Southeast Asian Nations; Strategic Considerations for In-house Counsel

This article addresses data transfer from the European Economic Area (EEA) to the Association of Southeast Asian Nations (ASEAN) via two strands. First, it explains the data transfer practices from the EEA to ASEAN. Second, it shares the ASEAN practical approaches whilst dealing with data transfer to the EEA and the rest of the world. In between, it preempts strategic considerations to counsels who deal with multilateral data transfer in its business operations coined as the ASEAN Adequacy Checklist (AAC).

Noris Ismail

Noriswadi Ismail (Noris), a member of the International Association of Privacy Professionals, leads Quotient Consulting (QC) as its Co-Founder and Managing Consultant – a boutique bespoke consulting firm that offers array of data protection and privacy consulting services. Since its incorporation, Noris has provided trainings, consultations and capacity building engagements across various spectrums of businesses and industries. QC is also a global contributor of Dataguidance for Malaysia. As part of his pro-bono effort, Noris leads the capacity building programme on data protection and privacy across local universities throughout Malaysia and the Malaysian Institute of Management.
Noris was an Academic Visitor in two renowned centres at the University of Oxford; Centre for Socio-Legal Studies (CSLS), and the Centre for Health, Law and Emerging Technologies (HeLEX). During the Hilary and Trinity terms in CSLS, he researched largely on data protection in Europe and Asia (South Eastasia and East Asia) and was also involved with selected research and events of the Data Protection and Open Society Project under the leadership of Dr. David Erdos, Katzenbach Research Fellow (Balliol College). Whilst during the 3 weeks of summer in HeLEX, he researched on the principles and applications of data protection within the realm of medical informatics, particularly in RFID and Hospital Information Management System.
Noris is a ‘Majlis Amanah Rakyat’ (MARA) Doctoral Scholar (2009-2013) at the Intellectual Property, Internet and Media Research Centre, Brunel Law School, Brunel University, London and previously a British Chevening Scholar (2006-2007) in Strathclyde Law School, Glasgow whilst reading LLM in Information Technology & Telecommunications Law. During his LLM year, he wrote a highly commendable thesis on “Radio Frequency Identification Technology; The Internet of Things that threats Data Protection and Privacy?” His articles on data protection have also been published in the Rate A Journal (Computer Law & Security Review), the International Journal of Technology Transfer and Commercialisation and the International Data Privacy Law Journal (Oxford University Press, Oxford Journals).
Noris is the Lead Editor of the first practitioner-based data protection book in Malaysia and Southeast Asia, titled ‘Beyond Data Protection’ published by Springer (2013). On January 2013, recognised and appointed as the Privacy by Design Ambassador by the Privacy and Information Commissioner, Ontario, Canada, Dr. Ann Cavoukian.